CVE-2013-0535

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
3.5LOW
EPSS
0.2%
top 63.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Classic Meeting ServerIBM Lotus Sametime
Timeline
PublishedMay 2
Latest updateMay 5

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages2 packages

NVDibm/classic_meeting_server6 versions+5
NVDibm/lotus_sametime11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-j2ff-6q2q-jh3c: Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 72022-05-05
CVEList
CVE-2013-0535: Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 72013-05-02
CVE-2013-0535 (LOW CVSS 3.5) | Multiple cross-site scripting (XSS) | cvebase.io